The industrial control products industry has historically stipulated or assumed that embedded control devices and/or industrial control products, which are part of an industrial control system or an industrial automation system, are connected to private networks. For example, being connected only to local control networks or in-plant networks, not to the internet or any global networks outside of the local control network. Stating or specifying that embedded control devices or products should be used in a ‘safe’ network environment has been an industry standard. However, this assumption or instruction has not always been followed, leading to embedded control products often having connections to the internet, either accidentally or on purpose. Embedded control products can be exposed to cyber security threats at different levels of severity depending on their function in the network and how they are connected to the internet (outside world). They can be connected directly to the internet, or indirectly through a firewall or network address translation (NAT), which is expected to provide cyber security protection.
In the past embedded industrial control devices have been compromised, some events, such as the 2014 attack on a German steel mill, which significantly damaged a blast furnace, have achieved significant notoriety. With the recent increases in cyber attacks on many networks that were thought to be secure our awareness of the vulnerability of industrial control networks, and the potential for personal injury, death, equipment damage or loss of production that could result, has also increased. Therefore, there is a need to decrease the exposure to, and risk from, cyber security threats on industrial control devices with possible connections to the internet or an outside global network. Thus, a need for more robust, automatic cyber security protection within each embedded control product would be most desirable.